U.S. government tells some Pixel users to update their phones in 10 days or stop using them
What is CVE-2024-32896?
CVE-2024-32896 is a high-severity security vulnerability in Google Pixel firmware that has been identified as an elevation of privilege issue3. The vulnerability has been found to be actively exploited in the wild, prompting the U.S. government to issue a warning to federal employees using Pixel phones to update their devices within 10 days or stop using them. The issue affects all Pixel devices, and it is recommended that users install the latest security update as soon as possible.
When will Android 15 be available for non-Pixel devices?
Android 15 is now available for non-Pixel devices, as the second beta build has been released for select devices from manufacturers such as Honor, iQOO, Lenovo, Nothing, OnePlus, OPPO, Realme, Sharp, Tecno, Vivo, and Xiaomi2. Users enrolled in the Android 14 QPR beta can receive the update over the air4.
What type of vulnerability does CVE-2024-32896 involve?
CVE-2024-32896 involves a privilege escalation vulnerability in Pixel Firmware, which is considered a high-severity issue4. This type of vulnerability allows an attacker to use an app to capture information that would not normally be available to them.